Cuestionario del módulo 8 – Prueba del protocolo de resolución de direcciones Respuestas

12/03/2022 CyberOps Associate v1.0 Leave a comment

Última actualización: abril 1, 2022

1. How does the ARP process use an IP address?

  • to determine the MAC address of a device on the same network
  • to determine the amount of time a packet takes when traveling from source to destination
  • to determine the MAC address of the remote destination host
  • to determine the network number based on the number of bits in the IP address
Explique: The ARP process is used to complete the necessary mapping of IP and MAC addresses that are stored in the ARP table that is maintained by each node on a LAN. When the destination device is not on the same network as the source device, the MAC address of the Layer 3 device on the the source network is discovered and added to the ARP table of the source node.

2. What will a host do first when preparing a Layer 2 PDU for transmission to a host on the same Ethernet network?

  • It will search the ARP table for the MAC address of the destination host.
  • It will query the local DNS server for the name of the destination host.
  • It will initiate an ARP request to find the MAC address of the destination host.
  • It will send the PDU to the router directly connected to the network.
Explique: In order to encapsulate a Layer 3 PDU into a frame, the sending host needs to know the MAC address of the destination host. The sending host first checks the ARP table. If a match is found in the table, the host uses the MAC address as the destination MAC in the frame. Otherwise, it will initiate an ARP request to obtain the destination MAC.

3. Refer to the exhibit. Which protocol was responsible for building the table that is shown?

  • DNS
  • ICMP
  • DHCP
  • ARP
Explique: The table that is shown corresponds to the output of the arp -a command, a command that is used on a Windows PC to display the ARP table.

4. When an IP packet is sent to a host on a remote network, what information is provided by ARP?

  • the MAC address of the switch port that connects to the sending host
  • the IP address of the default gateway
  • the MAC address of the router interface closest to the sending host
  • the IP address of the destination host
Explique: When a host sends an IP packet to a destination on a different network, the Ethernet frame cannot be sent directly to the destination host because the host is not directly reachable in the same network. The Ethernet frame must be sent to another device known as the router or default gateway in order to forward the IP packet. ARP is used to discover the MAC address of the router (or default gateway) and use it as the destination MAC address in the frame header.

5. A host is trying to send a packet to a device on a remote LAN segment, but there are currently no mappings in the ARP cache. How will the device obtain a destination MAC address?

  • It will send the frame with a broadcast MAC address.
  • It will send an ARP request for the MAC address of the default gateway.
  • It will send an ARP request to the DNS server for the destination MAC address.
  • It will send an ARP request for the MAC address of the destination device.
  • It will send the frame and use the device MAC address as the destination.
Explique: When sending a packet to a remote destination, a host will need to send the packet to a gateway on the local subnet. Because the gateway will be the Layer 2 destination for the frame on this LAN segment, the destination MAC address must be the address of the gateway. If the host does not already have this address in the ARP cache, it must send an ARP request for the address of the gateway.

6. What is the aim of an ARP spoofing attack?

  • to fill switch MAC address tables with bogus addresses
  • to flood the network with ARP reply broadcasts
  • to associate IP addresses to the wrong MAC address
  • to overwhelm network hosts with ARP requests
Explique: In an ARP spoofing attack, a malicious host intercepts ARP requests and replies to them so that network hosts will map an IP address to the MAC address of the malicious host.

7. A host needs to reach another host on a remote network, but the ARP cache has no mapping entries. To what destination address will the host send an ARP request?

  • the unicast MAC address of the remote host
  • the unicast IP address of the remote host
  • the subnet broadcast IP address
  • the broadcast MAC address
Explique: ARP requests are sent when a host does not have an IP to MAC mapping for a destination in the ARP cache. ARP requests are sent to the Ethernet broadcast of FF:FF:FF:FF:FF:FF. In this example because the address of the remote host is unknown, an ARP request is sent to the Ethernet broadcast to resolve the MAC address of the default gateway that is used to reach the remote host.

8. Refer to the exhibit. PC1 issues an ARP request because it needs to send a packet to PC2. In this scenario, what will happen next?​

  • PC2 will send an ARP reply with the PC2 MAC address.
  • SW1 will send an ARP reply with the PC2 MAC address.​
  • RT1 will send an ARP reply with the PC2 MAC address.​
  • SW1 will send an ARP reply with the SW1 Fa0/1 MAC address.​
  • RT1 will send an ARP reply with the RT1 Fa0/0 MAC address.​
Explique: When a network device wants to communicate with another device on the same network, it sends a broadcast ARP request. In this case, the request will contain the IP address of PC2. The destination device (PC2) sends an ARP reply with the PC2 MAC address.

9. In what kind of memory is the ARP table stored on a device?

  • NVRAM
  • flash
  • RAM
  • ROM
Explique: When a packet is sent to the data link layer to be encapsulated into an Ethernet frame, the device checks the ARP table that is stored in RAM. The ARP table is used to map the destination IPv4 address to a MAC address.

10. What is a characteristic of ARP messages?

  • ARP messages have a type field of 0x805.
  • ARP messages are encapsulated within an IPv4 header.
  • ARP replies are unicast.
  • ARP requests are broadcasts, and they are flooded out all ports by the switch.
Explique: Because ARP requests are broadcasts, they are flooded out all ports by the switch except the receiving port. Only the device that originally sent the ARP request will receive the unicast ARP reply. ARP messages have a type field of 0x806. ARP messages are encapsulated directly within an Ethernet frame. There is no IPv4 header.

11. What statement describes the function of the Address Resolution Protocol?

  • ARP is used to discover the MAC address of any host on a different network.
  • ARP is used to discover the IP address of any host on the local network.
  • ARP is used to discover the IP address of any host on a different network.
  • ARP is used to discover the MAC address of any host on the local network.
Explique: When a PC wants to send data on the network, it always knows the IP address of the destination. However, it also needs to discover the MAC address of the destination. ARP is the protocol that is used to discover the MAC address of a host that belongs to the same network.

12. Why would an attacker want to spoof a MAC address?

  • so that the attacker can capture traffic from multiple VLANs rather than from just the VLAN that is assigned to the port to which the attacker device is attached
  • so that a switch on the LAN will start forwarding all frames toward the device that is under control of the attacker (that can then capture the LAN traffic)
  • so that a switch on the LAN will start forwarding frames to the attacker instead of to the legitimate host
  • so that the attacker can launch another type of attack in order to gain access to the switch
Explique: MAC address spoofing is used to bypass security measures by allowing an attacker to impersonate a legitimate host device, usually for the purpose of collecting network traffic.

13. What important information is examined in the Ethernet frame header by a Layer 2 device in order to forward the data onward?

  • Ethernet type
  • destination MAC address
  • source IP address
  • source MAC address
  • destination IP address
Explique: The Layer 2 device, such as a switch, uses the destination MAC address to determine which path (interface or port) should be used to send the data onward to the destination device.
Subscribe
Notify of
guest

0 Comments
Inline Feedbacks
View all comments
© Copyright 2024, All Rights Reserved
0
¿Tienes otra pregunta? Por favor comentax